undefined | Better HN

0 pointseps4y ago0 comments

The "filtering capability" actually makes up a good half of its worth. Being able to very quickly drill down to an annotated call stack for a specific IRQ on a specific file is really handy.

0 comments

Hello714y ago

> call stack

strace -k

> specific IRQ

IRQs are very low level and can't be traced by strace or procmon. both can easily log specific syscalls, e.g. strace -e. strace can't quite filter on ioctl, but apparently procmon can't trace ioctl at all: https://stackoverflow.com/questions/9947933/how-to-log-the-d..., so strace is ahead there.

> specific file

strace -P path

Arnavion4y ago

>> call stack

>strace -k

>> specific file

>strace -P path

That strace can do it too is fine and all, but the Windows ProcMon collects a trace that you can then filter, like Wireshark. So it enables a workflow where you have no idea what's going on, collect a trace, and discover what entry to focus on and what paths to filter for. (This is what I demonstrated in the msys issue link I posted.)

An equivalent workflow is possible with strace too of course; pipe `strace` to a file and then discover what paths you want to grep for. It does become a bit noisy when the stack of every syscall is included, and requires more complicated grepping because it spans multiple lines, so you might have to first pre-process it into something structured like JSON.

j / k navigate · click thread line to collapse